CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/126604	Release Notes Vendor Advisory
https://support.apple.com/en-us/126792
https://support.apple.com/en-us/126793
https://support.apple.com/en-us/126794
https://support.apple.com/en-us/126799
https://support.apple.com/en-us/126800
http://seclists.org/fulldisclosure/2026/Mar/10

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::

History

No history.

Information

Published : 2026-03-17 23:16

Updated : 2026-03-25 01:17

NVD link : CVE-2026-20643

Mitre link : CVE-2026-20643

CVE.ORG link : CVE-2026-20643

JSON object : View

Products Affected

apple

macos
ipados
iphone_os

CWE

CWE-20

Improper Input Validation

CWE-346

Origin Validation Error

{"id": "CVE-2026-20643", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2026-03-17T23:16:17.193", "references": [{"url": "https://support.apple.com/en-us/126604", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126792", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126793", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126794", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126799", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126800", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2026/Mar/10", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-346"}]}], "descriptions": [{"lang": "en", "value": "A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy."}, {"lang": "es", "value": "Se abord\u00f3 un problema de origen cruzado en la API de Navegaci\u00f3n con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en las Mejoras de Seguridad en Segundo Plano para iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1 y macOS 26.3.2. El procesamiento de contenido web creado con fines maliciosos podr\u00eda eludir la Pol\u00edtica del Mismo Origen."}], "lastModified": "2026-03-25T01:17:04.543", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9117B15-6B46-4C64-BC4A-DDF9D9FBBEB5", "versionEndExcluding": "26.3.1"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60C61D06-6323-4C2E-96BC-F05F0C459568", "versionEndExcluding": "26.3.1"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68370079-081F-40B1-A93F-F2B042B813E4", "versionEndExcluding": "26.3.1"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}